From bfcfcce3803bd6cced78a38de6c6814fbb9099c1 Mon Sep 17 00:00:00 2001
From: Eric Biggers <ebiggers@google.com>
Date: Fri, 6 Jan 2023 05:07:18 +0000
Subject: [PATCH] ANDROID: fips140: unapply ABS32 relocations generated by KCFI

KCFI generates ABS32 relocations in the .text section.  In the temporary
copy of the .text section that the FIPS integrity check is done on,
these relocations need to be unapplied for the integrity check to pass.

Example from 'llvm-readelf --relocs --wide fips140.ko':

    Relocation section '.rela.text' at offset 0x5b4a8 contains 2008 entries:
        Offset             Info             Type               Symbol's Value  Symbol's Name + Addend
    [...]
    0000000000000c80  0000092900000102 R_AARCH64_ABS32        0000000050e29065 __kcfi_typeid_pmull_ghash_update_p64 + 0
    0000000000000e08  0000092800000102 R_AARCH64_ABS32        0000000050e29065 __kcfi_typeid_pmull_ghash_update_p8 + 0

Bug: 188620248
Change-Id: I85c01641114a66b2603abce467977823469f50c8
Signed-off-by: Eric Biggers <ebiggers@google.com>
---
 crypto/fips140-module.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/crypto/fips140-module.c b/crypto/fips140-module.c
index efc8baf71fab..6aa0c13db4bb 100644
--- a/crypto/fips140-module.c
+++ b/crypto/fips140-module.c
@@ -291,6 +291,10 @@ static void __init unapply_text_relocations(void *section, int section_size,
 
 		switch (ELF64_R_TYPE(rela->r_info)) {
 #ifdef CONFIG_ARM64
+		case R_AARCH64_ABS32: /* for KCFI */
+			*place = 0;
+			break;
+
 		case R_AARCH64_JUMP26:
 		case R_AARCH64_CALL26:
 			*place &= ~GENMASK(25, 0);